Curriculum Vitae

    Last updated: Oct. 2016


Projects




September 2014

Many works in recent years have looked at the possibility of fine-tuning refresh rate of DRAM to achieve energy savings. Unfortunately, a worrying trend among these works are reliance on assumptions from a disparate set of earlier works, simulations, or mathematical models which are in turn based on measurements from a common set of prior experiments for their evaluation.
Maybe we need an open platform to bring some sanity to this space?

August 2014

Approximate Computing is an emerging research area that seeks to trade-off the accuracy of computation for increases in performance or reductions in power consumption. However, the security and privacy concerns of the approximate computing model has however been left unexplored by researchers thus far.
As a first step toward understanding the security implications of approximate computing, we looked at approximate memories and showed that any output produced by them are imprented with a unique fingerprint. More details in near future.

July 2014

In DRV-Fingerprinting, we looked at using the data retention voltage of SRAM cells as a physical unclonable function (Look at entry from July 2012 for more info). One weakness with DRV is that it is sensitive to temperature variations.
We are currently working on a challenge-response hash function that is insensitive to temperature. We are also working on a machine learning appraoch for simulation-free modeling of DRV. More on this work soon.

May 2014

The increasing use of computer systems in medical domain along with their ever increasing connectivity has made the medical devices more susceptible to traditional malware infections. Our overarching goal in the Stigmalware project is the detection, qualification, and quantification of malware in the clinical domain. For more on this work see our submission at USENIX Health Tech.

August 2013

Embedded devices are notoriously hard to secure against malware because of their limited resources, predefined configurations, and incompatibility with traditional anti-malware mechanisms such as anti-viruses or network intrusion-detection systems.
In WattsUpDoc presented at USENIX Health Tech, we use systemwide power consumption measurement and machine learning techniques to monitor devices for any unusual activity. WattsUpDoc works as an independent entity and requires no modifications on the system it is monitoring nor imposes any computational overhead on it. Power has long been used as a side channel to glean information about the computations of a system but WattsUpDoc will be the first system to use this information for good.

August 2012

Having a trustworthy source of time is an unwritten fundamental assumption of most security protocols. While a continuously powered device can maintain a reasonably accurate clock, many intermittently powered devices such as RFID tags, credit cards, and smartcards do not have a similar luxury.
In TARDIS (Time And Remanence Decay In SRAM) presented at USENIX Security, using the decay distribution of cells in SRAM, we provide a coarse-grained, hourglass-like timer that does not require power or special purpose hardware to function. We believe TARDIS can be invaluable for the implementation of many security features, such as throttling on these devices.

July 2012

Physical unclonable functions (PUFs) are physical characteristics that can be used to uniquely identify similar chips from one another. One of the popular types of PUFs are based on power-up state of SRAM. The main obstacle in using SRAM PUFs however is the low entropy per bit yield (0.06 bits per cell).
To remedy this, we proposed a new variant of SRAM PUF that uses the data retention voltage (the voltage at which a cell loses its state) instead of the power-up state of cell as a source of entropy. Beside orders of magnitude of higher entropy yield, this approach has an added benefit in that it can provide a knob for how much entropy is produced based on the granularity of DRV measurements. In DRV-Fingerprinting presented at RFID'Sec, we show that this approach can yield more than 5 bits of entropy per cell, given the measurement granularity of only 20mV.